/**
 * 
 */
package com.example.sjt.filter;

import java.io.IOException;
import java.util.ArrayList;
import java.util.Collection;

import javax.servlet.FilterChain;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

import org.springframework.security.authentication.AuthenticationManager;
import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.AuthenticationException;
import org.springframework.security.core.GrantedAuthority;
import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter;

import com.example.sjt.model.JwtUser;
import com.example.sjt.model.LoginUser;
import com.example.sjt.util.JwtTokenUtils;
import com.fasterxml.jackson.databind.ObjectMapper;

/**
 * @author yuqy
 *
 */
public class JWTAuthenticationFilter extends UsernamePasswordAuthenticationFilter {

	private ThreadLocal<Integer> rememberMe = new ThreadLocal<>();
	private AuthenticationManager authenticationManager;

	public JWTAuthenticationFilter(AuthenticationManager authenticationManager) {
		this.authenticationManager = authenticationManager;
		super.setFilterProcessesUrl("/auth/login");
	}

	@Override
	public Authentication attemptAuthentication(HttpServletRequest request, HttpServletResponse response) throws AuthenticationException {

		// 从输入流中获取到登录的信息
		try {
			LoginUser loginUser = new ObjectMapper().readValue(request.getInputStream(), LoginUser.class);
			rememberMe.set(loginUser.getRememberMe());
			return authenticationManager.authenticate(new UsernamePasswordAuthenticationToken(loginUser.getUsername(), loginUser.getPassword(), new ArrayList<>()));
		} catch (IOException e) {
			e.printStackTrace();
			return null;
		}
	}

	// 成功验证后调用的方法
	// 如果验证成功，就生成token并返回
	@Override
	protected void successfulAuthentication(HttpServletRequest request, HttpServletResponse response, FilterChain chain, Authentication authResult) throws IOException, ServletException {

		JwtUser jwtUser = (JwtUser) authResult.getPrincipal();
		System.out.println("jwtUser:" + jwtUser.toString());
		boolean isRemember = rememberMe.get() == 1;

		String role = "";
		Collection<? extends GrantedAuthority> authorities = jwtUser.getAuthorities();
		for (GrantedAuthority authority : authorities) {
			role = authority.getAuthority();
		}

		String token = JwtTokenUtils.createToken(jwtUser.getUsername(), role, isRemember);
//        String token = JwtTokenUtils.createToken(jwtUser.getUsername(), false);
		// 返回创建成功的token
		// 但是这里创建的token只是单纯的token
		// 按照jwt的规定，最后请求的时候应该是 `Bearer token`
		response.setHeader("token", JwtTokenUtils.TOKEN_PREFIX + token);
	}

	@Override
	protected void unsuccessfulAuthentication(HttpServletRequest request, HttpServletResponse response, AuthenticationException failed) throws IOException, ServletException {
		response.getWriter().write("authentication failed, reason: " + failed.getMessage());
	}

}
